Section 22: Troubleshooting Network Issues Flashcards
Startup vs Running Config
show startup-config: ▪ Stored in NVRAM and contains the commands needed to initially configure a router
show running-config: ▪ Actively being used by the router at that moment
copy running-config startup-config
To view routing information
Cisco: show ip route
WIndows: route print
Linux, Unix, OSx: route -n
Collision Domain
▪ Network segment where simultaneous data transmissions collide with one another
▪ Use any Layer 2 device to break apart collision domains
● Turn off autonegotiation
● Hardcode lower speed
● Change to half-duplex
Broadcast Storm
▪ Occurs when a network system is overwhelmed by continuous multicast or broadcast traffic
● Layer 2: FF:FF:FF:FF:FF:FF
● Layer 3: 255.255.255.255
Broadcast domains can only be broken up by a router.
Broadcast Domain
▪ A logical division of computer network where all nodes can reach each other by broadcast at the data link layer
▪ Layer 2 devices will not break up a broadcast domain. Use a router to break up subnets into smaller broadcast domains.
Couple of Causes of Broadcast Storm:
1. Singular broadcast domain that is too large (too many clients). Use subnets and routers.
2. Large volume of DCHP requests: (DORA) Discover-Offer-Request-Acknowledge. If a lot of clients are requesting IP address at same time (After network equipment reboot, for example.) Check if DHCP relays are in use.
3. Loops created if unmanaged switches are cabled together.
o Enable Bridge Protocol Data Units (BPDU) on managed switches
o Enforce a maximum number of MAC addresses per port
Identify a broadcast storm by looking at packet counters and compare to baseline; Look at network monitoring tools and look at packet loss; Best way is to setup packet analyzer and look for broadcast packets.
Duplicate MAC Addresses (Layer 2)
Duplicate IP Addresses (Layer 3)
Multicast Flooding
▪ No specific host is associated with the multicast MAC address in the CAM table of the switch. To prevent, configure switch to block unknown multicast packets.
Asymmetrical Routing
▪ Network packets leave via one path and return via a different path
▪ Routing issues cause issues with dropped packet flows
(When traffic flows across two different layer 2 bridge pair interface: router/firewall) When using load balancing and HSRP protocol can occur, stateful firewall, deep packet inspection. Solution is to place firewall and router so traffic flows through same device in both directions.
Missing Routes
▪ When a router cannot reach a destination because there is a missing route in the routing table.
Switching/ Bridge Loop
▪ Switching loops are usually an issue with how STP is configured
(To prevent enable STP and configure (command: show spanning-tree))
Routing Loop (most created when using static routes)
▪ Formed when an error occurs in the operation of the routing algorithm and creates a circular route amongst a group of network devices
▪ Routing loops are caused by logical Layer 3 circular connections that may exist in a routing table
● Time to Live (TTL) to help avoid routing loops
Split Horizon (to avoid routing loop prevention)
▪ Routing configuration that stops a route from being advertised back in the direction from which it came
● ip split-horizon
● no ip split-horizon
Route Poisoning (to avoid routing loop prevention)
▪ Increasing a router’s metric to an infinitely high number after detecting one of its connected routes has failed (Happens automatically)
Hold-Down Timer (to avoid routing loop prevention)
▪ Prevents bad routes from being restored and passed to other routers by accident
● Hold-down period
● 180 seconds (3 minutes)
▪ Statically-created routes are given a metric of 1 by default
